package com.iflytek.edu.epas.dubbo.filter;

import com.alibaba.dubbo.common.extension.Activate;
import com.alibaba.dubbo.common.utils.StringUtils;
import com.alibaba.dubbo.rpc.Filter;
import com.alibaba.dubbo.rpc.Invocation;
import com.alibaba.dubbo.rpc.Invoker;
import com.alibaba.dubbo.rpc.Result;
import com.alibaba.dubbo.rpc.RpcContext;
import com.alibaba.dubbo.rpc.RpcException;
import com.iflytek.edu.epas.dubbo.auth.EpasAuthInfo;
import com.iflytek.edu.epas.dubbo.common.EpasUtils;
import com.iflytek.edu.epas.dubbo.config.EpasProviderConfig;

@Activate(group = {"provider"})
/* loaded from: input_file:com/iflytek/edu/epas/dubbo/filter/EpasAuthFilter.class */
public class EpasAuthFilter implements Filter {
    private static EpasProviderConfig config;
    private static String encryptedAppSecret;

    public static void init(EpasProviderConfig epasProviderConfig) {
        config = epasProviderConfig;
        encryptedAppSecret = EpasUtils.MD5(config.getAppSecret());
    }

    @Override // com.alibaba.dubbo.rpc.Filter
    public Result invoke(Invoker<?> invoker, Invocation invocation) throws RpcException {
        if (config != null && config.isAuth().booleanValue() && invoker.getUrl().getParameter("epas_auth", true)) {
            config.getAuthManager().setRegistryHost(invoker.getUrl().getHost());
            EpasAuthInfo authInfo = config.getAuthInfo();
            if (authInfo != null) {
                String name = invoker.getInterface().getName();
                String methodName = invocation.getMethodName();
                String attachment = RpcContext.getContext().getAttachment("sign_timestamp");
                String attachment2 = RpcContext.getContext().getAttachment("sign_value");
                String attachment3 = RpcContext.getContext().getAttachment("app_key");
                String str = authInfo.getAppInfo().get(attachment3);
                boolean z = false;
                if (StringUtils.isEquals(attachment3, config.getAppKey())) {
                    z = true;
                    str = encryptedAppSecret;
                }
                boolean z2 = StringUtils.isEmpty(attachment3) || StringUtils.isEmpty(str);
                if (!z && !z2 && authInfo.getTrustyApp().contains(attachment3)) {
                    z = true;
                }
                if (!z && !z2 && authInfo.getData().containsKey(EpasUtils.getAuthInfoKey(name, methodName, attachment3))) {
                    z = true;
                }
                if (!z) {
                    throw new RpcException(4, String.format("Check auth failed, %s cannot invoke %s %s.%s", attachment3, config.getAppKey(), name, methodName));
                }
                if (!StringUtils.isEquals(attachment2, EpasUtils.sign(attachment3, str, attachment))) {
                    throw new RpcException(4, "Check sign failed, error consumer appSecret or too old epas-dubbo version");
                }
            }
        }
        return invoker.invoke(invocation);
    }
}
